use many of the solutions present

in the IT world today. Well-known

authentication mechanisms like IEEE

802.1X combined with RADIUS are

a good example. Many embedded

systems with high-level operating

systems can run cryptographic

libraries (such as OpenSSL) to support

all the secure Layer 3 protocols and

applications useful for secure data

interchange. However, a big challenge

arises when it is necessary to secure

Layer 2 industrial protocols with strict

real-time requirements. The analysis

of these scenarios shows that the

software approach of protecting these

frames by applying cryptographic

algorithms, even using crypto

accelerators, is not straightforward,

and in many cases custom hardware

processing is required.

In the presented topology, from the

network and user point of view, it is

necessary to secure three network

links—the redundant HSR/PRP, the

10/100/1G switching port and the

service ports—with authentication

mechanisms. Furthermore, due to all

the plant traffic passing through the

intelligent gateway, the three links will

play a vital role in monitoring traffic

for potential threats. A final concept

is the integration of a sensor interface

suite. As discussed, the advances

in the technology should help us

to simplify the installations, not

make them more complex. To fulfill

this demand, we integrated all the

standard digital and analog interfaces

in the gateway. Additionally, we also

included high-end interfaces for

advanced vibration sensors and high-

speed data acquisition interfaces with

direct access to the Zynq SoC device.

HOW SOC

PROGRAMMABLE

PLATFORMS DRIVE THE

CHANGE

The “magic” of merging high-end

networking, powerful processing

and sensing capabilities has been

obtained thanks to SoC programmable

platforms. Our product, named

CPPSGate40, embeds a Xilinx

Zynq-7000 All Programmable SoC

device implemented on the SoC-e

SMARTzynq OEM module. The dual-

core ARM® Cortex™-A9 MPCore™

on the device is complemented with

different memory resources (DDR3,

flash, massive storage units, etc.)

and hardware to support multiple

high-speed networking links. This

infrastructure offers a huge level of

freedom to partition hardware and

software processing in order to face the

Figure 3 – Lathes section in the Microdeco factory

New-Tech Magazine Europe l 49